403 Forbidden

[petarl]

My host is bplaced.net and the forum address is forum.baator.bplaced.net. When I start Java SMF Backup 1.3.3 I get the following in log file:

Code: [Select]

[12/12 23:07:46] Next run at: 13.12.2009. 21.00.00
[12/12 23:07:53] Backup notification received.
[12/12 23:07:53] Starting backup procedure.
[12/12 23:07:53] Connecting to admin backend.
[12/12 23:07:53] smfbackup.http.SMFException: Connect failed: HTTP/1.1 403 Forbidden

at smfbackup.http.SMFConnection.doLogin(SMFConnection.java:121)

at smfbackup.http.SMFConnection.doBackup(SMFConnection.java:203)

at smfbackup.http.SMFConnection.doJob(SMFConnection.java:514)

at smfbackup.run.Manageable.run(Manageable.java:29)

[12/12 23:07:53] Next run at: 13.12.2009. 21.00.00

Can anyone help?

[viulian]

Hello,

403 means that it tried to access a resource without sending the proper credentials. However, this might mean:
a) http server configuration
b) some other 'form' tags in the login page, not the login one itself.
etc...

Can you try to disable the quick theme changer at the bottom of the Login page ?
Also, please make sure that you selected the proper forum version ...
To fully understand what the problem is about, I would need a PM from you with an admin username / pass of the forum, to configure the backup application and see where it fails to connect and what is attempting to do. Then you can remove the user. If there are bugs in the application, I will fix and offer a new version for download.

Thank you,

[petarl]

I disabled the Quick Theme Changer, but no luck. I also sent you PM with login parameters.

Thanx.

[viulian]

Thanks for the pm - I've checked the issue.

It seems that your httpd server / host firewall is configured to allow only some "User-Agent" values. When I was connecting with Firefox, the .../index.php?action=admin URL displayed properly (login page was there).

However, when Java SMF Backup wanted to connect to the same URL, your host replied directly with 403 auth denied.

After some trial and error, I found the difference. Java SMF Backup uses Apache Jakarta Http Client which, by default, has User-Agent header with value "Jakarta Commons-HttpClient/3.1".
Only after I made the application to fake the User-Agent by replacing it with Firefox one: "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" only then the application was able to connect and do proper backup.

Do you have control over that httpd server / reverse proxy / etc,  which replies 403 when it doesn't recognize an "User-Agent" ? To me it seems a way to weed out robots. If so, please add the user agent above (Jakarta....) to the allowed list of user agents.

Thanks,

[petarl]

No, I don't have any control over that httpd server and I can't modify anything regarding server configuration. Is there any possibility to add field in Java SMF Backup to change User-Agent?

[viulian]

Yep, I can add it.

Can you please leave the username / pass active 1, 2 days, to allow me to test the changes ?

Thanks,

[petarl]

Sure, no problem.

[viulian]

Can you please try this version:

http://hex.ro/wb/tracker/EasyTracker.php?id=17

By default the user agent is the jakarta one , so before trying to do backup, please go to Settings and put this user agent:

Code: [Select]

Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)

Please keep me updated

[petarl]

It works flawlessly . Thank you.

[viulian]

Thanks

The admin user you provided, it can be removed...